urlscan.io logo urlscan.io
SecurityTrails logo

www.winrebate.net Open in urlscan Pro
2600:9000:2156:ac00:1c:9ca6:da40:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://winrebate.net/
Effective URL: https://www.winrebate.net/
Submission: On June 21 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2600:9000:2156:ac00:1c:9ca6:da40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.winrebate.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 20th 2024. Valid for: a year.
This is the only time www.winrebate.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:24f8:6a00:1c:9ca6:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)
winrebate.net
1    2600:9000:2156:ac00:1c:9ca6:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.winrebate.net
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
pagead2.googlesyndication.com
2    2600:9000:275b:aa00:1c:d937:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d3fit27i5nzkqh.cloudfront.net
3    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2600:9000:2447:1200:4:d7e1:700:93a1 (United States)

ASN16509 (AMAZON-02, US)
sc.lfeeder.com
3    2600:9000:223f:ea00:17:3a21:7e40:21 (United States)

ASN16509 (AMAZON-02, US)
d6r6gym8ueyux.cloudfront.net
14    2600:9000:214f:400:f:a462:c1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1yei2z3i6k35z.cloudfront.net
4    2600:9000:223f:3c00:f:e793:dc40:21 (United States)

ASN16509 (AMAZON-02, US)
d3syewzhvzylbl.cloudfront.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-89.fra56.r.cloudfront.net
tr.lfeeder.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2600:9000:225e:3a00:a:625d:b500:21 (United States)

ASN16509 (AMAZON-02, US)
d2543nuuc0wvdg.cloudfront.net
2    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
24 cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d6r6gym8ueyux.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
d3syewzhvzylbl.cloudfront.net
d2543nuuc0wvdg.cloudfront.net
3 MB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
216 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
c.clarity.ms — Cisco Umbrella Rank: 1434
t.clarity.ms — Cisco Umbrella Rank: 7139
29 KB
2 lfeeder.com
sc.lfeeder.com — Cisco Umbrella Rank: 17426
tr.lfeeder.com — Cisco Umbrella Rank: 30497
11 KB
2 winrebate.net
winrebate.net
www.winrebate.net
42 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
762 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
115 KB
44 8
Domain Requested by
14 d1yei2z3i6k35z.cloudfront.net www.winrebate.net
6 pagead2.googlesyndication.com www.winrebate.net
pagead2.googlesyndication.com
4 d3syewzhvzylbl.cloudfront.net www.winrebate.net
3 d6r6gym8ueyux.cloudfront.net www.winrebate.net
3 www.clarity.ms www.winrebate.net
www.clarity.ms
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 t.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 d3fit27i5nzkqh.cloudfront.net www.winrebate.net
d3fit27i5nzkqh.cloudfront.net
1 d2543nuuc0wvdg.cloudfront.net
1 c.bing.com 1 redirects
1 tr.lfeeder.com www.winrebate.net
1 region1.google-analytics.com www.googletagmanager.com
1 sc.lfeeder.com www.winrebate.net
1 www.googletagmanager.com www.winrebate.net
1 www.winrebate.net
1 winrebate.net 1 redirects
44 17

This site contains links to these domains. Also see Links.

Domain
systeme.io
Subject Issuer Validity Valid
winrebate.net
Amazon RSA 2048 M02		 2024-06-20 -
2025-07-19		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.lfeeder.com
Amazon RSA 2048 M02		 2024-02-20 -
2025-03-20		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.winrebate.net/
Frame ID: 4FE2A39F1C82436C20D0EF853549F276
Requests: 41 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: D7F05F2C54E19A4A8E876FB2B10576F1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2075433811351167&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718947016&plat=1%3A16777216%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x675_l&format=0x0&url=https%3A%2F%2Fwww.winrebate.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_15&aiixl=30_6~27_3&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1718947015481&bpp=5&bdt=250&idt=555&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7595978912234&frm=20&pv=2&ga_vid=336651239.1718947016&ga_sid=1718947016&ga_hid=1743722498&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084686%2C31084688%2C44795921%2C95334508%2C95334525%2C95334573%2C95335896%2C95331953%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3715517823188844&tmod=1065335595&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=593
Frame ID: 6F6A780E72AE22A8B20483CBBFE297EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D1ECA98DB7DA62B91F2085DFE8805261
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Squeeze page

Page URL History Show full URLs

  1. https://winrebate.net/ HTTP 301
    https://www.winrebate.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

44
Requests

95 %
HTTPS

76 %
IPv6

8
Domains

17
Subdomains

16
IPs

3
Countries

3814 kB
Transfer

6158 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://winrebate.net/ HTTP 301
    https://www.winrebate.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=80D2A489175C4FF299BD304076EAA089&RedC=c.clarity.ms&MXFR=3525E7BD69B769412C22F3186DB767F2 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=80D2A489175C4FF299BD304076EAA089&MUID=2FE8360C048B65112E0822A9052764B7

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.winrebate.net/
Redirect Chain
  • https://winrebate.net/
  • https://www.winrebate.net/
300 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ac00:1c:9ca6:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
f78d08777800632a24cdae2418f524ccbde48276bfc1052ddb8bed65c4cca12f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Jun 2024 05:16:55 GMT
expires
Fri, 21 Jun 2024 05:16:55 GMT
server
nginx/1.24.0
vary
Accept-Encoding
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-id
iNRuxcu2T-fGb6zD-bZYc2GlXvvwYrfWMDqHuCLKjM6hRInLt2LK5Q==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Fri, 21 Jun 2024 05:16:54 GMT
location
https://www.winrebate.net/
server
CloudFront
via
1.1 4ad6f7d2964ccad9e98ef7dfd5f9c392.cloudfront.net (CloudFront)
x-amz-cf-id
rh9Mi7MpZWiyluOLq4NH8rwrFNFz29H75El79GDg_anlgdve32sDMQ==
x-amz-cf-pop
MCI50-P1
x-cache
FunctionGeneratedResponse from cloudfront
js
www.googletagmanager.com/gtag/ 		346 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HTRGYGHJZZ
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c181b310dc70e034e1266ce1792809734653a42b988a39c3e36f2338b8a3e041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 05:16:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
117201
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Jun 2024 05:16:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2075433811351167
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
92a9819a6d0a0da2b9914b53ad0ceab286cc92bd95317a12ca8606fa060cc89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Origin
https://www.winrebate.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 05:16:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52695
x-xss-protection
0
server
cafe
etag
762207250757258451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 21 Jun 2024 05:16:55 GMT
all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 		486 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:aa00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 12 Feb 2024 17:39:19 GMT
content-encoding
gzip
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
11187457
etag
W/"325672b036bab9b57f6873aed5eccc43"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
JQenOSU2qkAKd24XpQyFoPTUKypA68wKBI3nMY1yTYF9kbCj7t1sHA==
lofxqsrtc6
www.clarity.ms/tag/ 		637 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lofxqsrtc6?ref=bwt
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
951b3a250f71ad33c8847857e972debd8aee061a25d20d1af4422bb93538985a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Fri, 21 Jun 2024 05:16:55 GMT
x-azure-ref
20240621T051655Z-17d856f5577hgt9cnxmu7egatc00000003cg00000000ez0h
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
lofxqsrtc6
www.clarity.ms/tag/ 		637 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lofxqsrtc6
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7b1b12f5ee382b4d2e4591dffd617769adbc563acf5242e50ee9fafcf07d074a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Fri, 21 Jun 2024 05:16:55 GMT
x-azure-ref
20240621T051655Z-17d856f5577hgt9cnxmu7egatc00000003cg00000000ez0k
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
lftracker_v1_lAxoEaKExK17OYGd.js
sc.lfeeder.com/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.lfeeder.com/lftracker_v1_lAxoEaKExK17OYGd.js
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:1200:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a3eeddfcfe0b422240c5be4167122b8765b62b03072cfd28968d36753c0cc57

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 04:32:39 GMT
x-amz-version-id
Rce0LRuuxB8aZgX0Yx9BA25jkgEMFvur
content-encoding
br
last-modified
Wed, 29 May 2024 07:03:26 GMT
server
AmazonS3
via
1.1 87e83cc6e8f384d40eab78133e901302.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
etag
W/"37940a9db035cea1b41aa3019f2f3bd2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
age
2657
x-amz-cf-id
yXL_qK9pBdRQBvWComQuRN1UZz0THpF-Le8gwot9Eh6yQAqSOrultw==
runtimeSimplePage.1f5d57551aa31777b361.js
d6r6gym8ueyux.cloudfront.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6gym8ueyux.cloudfront.net/runtimeSimplePage.1f5d57551aa31777b361.js
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ea00:17:3a21:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 07:00:26 GMT
content-encoding
gzip
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
80191
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:44e45dad-b4fe-4ce9-bfd0-d23a2f543a3b
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
28314cb57568981991272ac1ea07a800
last-modified
Fri, 14 Jun 2024 14:51:22 GMT
server
AmazonS3
etag
W/"b36fb59db1b08c77338df8b86396266b"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
a7dcead66d7e730ba87150d3cd2bbd0b350b53fa64b722a4b2b4989502e9820e
x-amz-cf-id
lqCJJy_4mFTwgdvAo67649_lkziCAlYzilkxohWbTPmqucpOKuebng==
simplePage.74bb76d8b2e4854fb5a5.js
d6r6gym8ueyux.cloudfront.net/ 		586 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6gym8ueyux.cloudfront.net/simplePage.74bb76d8b2e4854fb5a5.js
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ea00:17:3a21:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dff256bbd757d1dd6596fe5e77ed2aef56ab905f756fc7b60a5e79525e099ced

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 08:40:57 GMT
content-encoding
br
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
74159
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:084e4d67-0e3b-47ad-90d9-704cbdc0c7f8
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1ada884217c10d59b2fc3bded29bd8f3
last-modified
Fri, 14 Jun 2024 07:57:47 GMT
server
AmazonS3
etag
W/"51d8d864785e6c3152cf5586a8f1c694"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
478f3d61f6fac6c0596e16027204700d3b1edb673f66457f47fd61ebd5904f5d
x-amz-cf-id
VNenb5sqjlmg7HB0ocG5r4mushUP2zvMqki7iXIs2yhWg6i8_jTmyw==
vendors~simplePage.0c4ddca1d3c92d8f39a6.js
d6r6gym8ueyux.cloudfront.net/ 		733 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6gym8ueyux.cloudfront.net/vendors~simplePage.0c4ddca1d3c92d8f39a6.js
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ea00:17:3a21:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90301ba1db8f344b7b08425faf99b2dba9a88d00f159810c6733272b841ed6e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 07:11:57 GMT
content-encoding
gzip
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
79498
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:44e45dad-b4fe-4ce9-bfd0-d23a2f543a3b
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
28314cb57568981991272ac1ea07a800
last-modified
Fri, 14 Jun 2024 14:51:21 GMT
server
AmazonS3
etag
W/"8dea398401eba62f0b1c09631bdd49ab"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
a7dcead66d7e730ba87150d3cd2bbd0b350b53fa64b722a4b2b4989502e9820e
x-amz-cf-id
LNia-fWB9IgRxCZqp69auuhZbpTuM9cTv6t83DFociKou-6aH33_hg==
655c80c91c67a_Group10141.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		480 KB
481 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c80c91c67a_Group10141.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc55b182ca91aed065da4cd2c3b301c6f264d3d4f5cb5d52651434a30b99fc3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 16:25:43 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
46273
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
491143
last-modified
Tue, 21 Nov 2023 10:04:58 GMT
server
AmazonS3
etag
"49e490713b638d88085d02a02b81cec8"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
ioKNdjNvQtwo7d_B9cQhahMLaD5jTk_Yk73xhYaVvatzjZfr1V5xkg==
regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/roboto/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/roboto/regular.woff2
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b37d775bb347246729d437f266c2dfcd705a9171580f6149ab673b10a3500367

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Origin
https://www.winrebate.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 06:33:52 GMT
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
81785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63024
last-modified
Fri, 14 Apr 2023 06:25:16 GMT
server
AmazonS3
etag
"679aa1b8c499041bf78378f4a5b04162"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
US3IXWL-m90Lec6Mci4H5wiCxQQsOGtrAetj5K4vAy2An5g2RKwrgQ==
700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/ 		95 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/700.woff2
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56239df581596d9f59e4234d40d8063510a298dbaebb537b6e4500920b54b30e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Origin
https://www.winrebate.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 04:21:27 GMT
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
97272
last-modified
Fri, 14 Apr 2023 06:25:55 GMT
server
AmazonS3
etag
"e67a51623103aaeb28a214b32108b46a"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
BAtal16Ff1uTHmqrpw36fjo1LiF2fCGTvbFHTX0KJSk9HhYcl6Pgew==
700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/roboto/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/roboto/700.woff2
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Origin
https://www.winrebate.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 04:29:27 GMT
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
31941
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63512
last-modified
Fri, 14 Apr 2023 06:25:16 GMT
server
AmazonS3
etag
"9912eb289b9a8018ffe746b38a1f4138"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
RfAK12lPithi67Asp4jO5OqO9VK8MCSu0DnpFyKWJUGT3axgv6uLjw==
fa-solid-900.woff2
d3fit27i5nzkqh.cloudfront.net/assets/webfonts/ 		321 KB
322 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/webfonts/fa-solid-900.woff2
Requested by
Host: d3fit27i5nzkqh.cloudfront.net
URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:aa00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Origin
https://www.winrebate.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 12:25:33 GMT
via
1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
751883
etag
"6ebcf9f18ded9c54f71ec1198c32aa52"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
329204
x-amz-cf-id
-PL_RlivRLWIBdr5WFlbapT0fFUd7DuYGAStugPoHL4kFoqcFynuZA==
655c7cc4bdc17_Group68.svg
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		1 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c7cc4bdc17_Group68.svg
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7aed6f54323f6758f5f5f18a97fa498a2b1f0b445ceb8992b4f147a5d4b20bd1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 19:33:19 GMT
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Tue, 21 Nov 2023 09:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
35017
etag
W/"f399e0b9416128be7b0c7172fa7df536"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-robots-tag
noindex
x-amz-cf-id
ZquTRA3Zehgtbd5fEwbhHOGbsmb5NgWeizabkBj4KMAgcqFmEy9JOA==
655c92785ca02_inflatable-1-PhotoRoom.png-PhotoRoom.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		282 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c92785ca02_inflatable-1-PhotoRoom.png-PhotoRoom.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
599b31887e74913ca5be1c7b11eb4475fa6d6396ab8bb42f9ed0b3bf9931b17f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 19:33:19 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
35017
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
289275
last-modified
Tue, 21 Nov 2023 11:20:25 GMT
server
AmazonS3
etag
"e55dbb564fd7db68e40fea117a3fa017"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
cveHRHQtrkgCL1GCU9D0iLbb-Js_93GvL4aeK267oZIY0IBwv5KJmg==
655c986424b5f_inflatable-3-PhotoRoom.png-PhotoRoom.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		272 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c986424b5f_inflatable-3-PhotoRoom.png-PhotoRoom.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1702fb44538de7f2c8a7fcfa906568c3beda0a8c76f15557849732e533e83ad7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 19:33:19 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
35017
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
278569
last-modified
Tue, 21 Nov 2023 11:45:41 GMT
server
AmazonS3
etag
"1085014b9117b19a7ce3ec0c9865d8e4"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
TB02EfDxqtl6lUydVklVVDjtxoACEq_BO9P3XKMSJGA4WDb_F2ANXA==
655c9af00213e_inflatable-6-PhotoRoom.png-PhotoRoom.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		300 KB
300 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c9af00213e_inflatable-6-PhotoRoom.png-PhotoRoom.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2885da385665d89c812e8e8cab7ff8ac312a1f7285789ffe4d07bcd3fb6a287b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 19:33:19 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
35017
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
306879
last-modified
Tue, 21 Nov 2023 11:56:34 GMT
server
AmazonS3
etag
"75d82b08b7ddbe84bb74775e2efb4296"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
RckfGrCFJDTxAQpoDDKrIkeS8uQiPr74ItztNyCeTbXjWe6e-MOdRw==
655c993fba86e_inflatable-5-PhotoRoom.png-PhotoRoom.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		238 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c993fba86e_inflatable-5-PhotoRoom.png-PhotoRoom.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b3c043c43892cb2df7585581a78e1c37d98cc16709be24f33dd6e41c6b3fe36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 19:33:19 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
35017
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
243219
last-modified
Tue, 21 Nov 2023 11:49:21 GMT
server
AmazonS3
etag
"a01bbd26d05978cefd067f6aee78dbe2"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
A5Gc6Tg0AHZuTjR1AbV_m0SZ6RFgLT7HjwKwnp0AQLbX-1_IAFAgRw==
655c9d0f8657e_inflatable-17-PhotoRoom.png-PhotoRoom.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c9d0f8657e_inflatable-17-PhotoRoom.png-PhotoRoom.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1eb7d73b06b8de243dd30492a22206945ad3b39cd4647a9001112b6fb5c1407d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 04:15:32 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
176484
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
261326
last-modified
Tue, 21 Nov 2023 12:05:36 GMT
server
AmazonS3
etag
"3e8c92ea7c2ad0041c16216d03710867"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
hTc8j_s6-3tkEol5P5wUmFM1v2OFLUmE4zu1AiuF2Kt-kOg1yACDdw==
655c9c1e8772b_inflatable-29-PhotoRoom.png-PhotoRoom.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c9c1e8772b_inflatable-29-PhotoRoom.png-PhotoRoom.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fb9b3ac3159ef83777144df21568d5d06678a048e8b0d496f8933190564cdd0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 09:04:41 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
159135
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
179929
last-modified
Tue, 21 Nov 2023 12:01:36 GMT
server
AmazonS3
etag
"4417a3287476232f8e4f10dd4570a941"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
yDQJI8q-6GQ5ymay76Ns26Jbu4fYYgGrZasp1WH4suqnRAAhedCc9A==
655c8512d860f_inflatable-10.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c8512d860f_inflatable-10.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba7df074bfcdead10cdaf747578e10e7aa570b7bca9b19441c384fbac8f48c87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:31:23 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
254733
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
124259
last-modified
Tue, 21 Nov 2023 10:23:16 GMT
server
AmazonS3
etag
"03b1fb97c0ad7bd1ea998b2011ccddaa"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
JOjCOaPHcgyb5j96iXPYTcoUxUOplVw8nTFuazB_IjS-g-lqT8mdeg==
655c8558a1b6d_inflatable-11.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c8558a1b6d_inflatable-11.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f3d0fff7d008b617e85d5527746b2599de86778f0fd8f087980e76e33c9f7d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:31:23 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
254733
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
109359
last-modified
Tue, 21 Nov 2023 10:24:26 GMT
server
AmazonS3
etag
"691b7fcbff7ebcc963e9beb0aea6abc3"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
SIrfqxXLTsiDGsC7BxLFaKpry6I3Fi5GZuXC5XNXbmr0S5GxYiHsFQ==
655c85c3ee44c_inflatable-7.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c85c3ee44c_inflatable-7.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
476629f13c169dfa161f894d7ffc8c4888ff886366581a2561a9c14b02c318e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:31:23 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
254733
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
104726
last-modified
Tue, 21 Nov 2023 10:26:13 GMT
server
AmazonS3
etag
"4d44b55cc12e83f97b08304be4d1a570"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
Du4JC7fnRCqMNrCmF7aaA_ap4vf_AeMpLtnJP6hkanlpmFa6uoEKZQ==
655c882d67770_icons8-instagram.svg
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		1 KB
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c882d67770_icons8-instagram.svg
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c94ae35c10dd79e1ab8ac59ba14a46fe9f7ee8688e715f101d137148c64d46d3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:54:49 GMT
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Tue, 21 Nov 2023 10:36:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
181327
etag
W/"c9f867620a5c83d70d15e07dbc542b5f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-robots-tag
noindex
x-amz-cf-id
ETIy2H93y-cceknuu4vEoZT5dQgW7qSHgVpJo6zHnpb2KA8PABqrZg==
655c8836ea597_icons8-facebook.svg
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		657 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c8836ea597_icons8-facebook.svg
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
438e4e3a15548add05e82f75db95d6e9f35ea7771f7455e90c4219f79a474663

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:54:49 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
181327
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
657
last-modified
Tue, 21 Nov 2023 10:36:40 GMT
server
AmazonS3
etag
"3f80c5db57f733eb964fab7adb1ac5b8"
vary
Origin
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
FGU7kiqERv2axYsaaVcKXIQrB5pifIeojM-FMIRAq1WYA2tRThP5qw==
655c885730363_icons8-youtube.svg
d1yei2z3i6k35z.cloudfront.net/systeme-common/ 		1007 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/systeme-common/655c885730363_icons8-youtube.svg
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17f4dc47bd0b697089254f32ccee750e80df75d36af69148da5971b1ad67c740

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 05:10:22 GMT
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Tue, 21 Nov 2023 10:37:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
518794
etag
W/"5de703db40bfd46fc0fa06f124b26087"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-robots-tag
noindex
x-amz-cf-id
_69U6fmO-o-hpEqfYpRPGwZWGvHe2FFuddI-zmr-iWNVuopOkr-3DQ==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/ 		431 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2075433811351167&plah=www.winrebate.net&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2075433811351167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d9fd7235001a9d176ef61ec5e43379ac9c45c60ef7622cd08872f0e4e5551781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 05:16:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148825
x-xss-protection
0
server
cafe
etag
6977994297533710061
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Jun 2024 05:16:55 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HTRGYGHJZZ&gtm=45je46j0v9181087348za200&_p=1718947015258&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=336651239.1718947016&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718947015&sct=1&seg=0&dl=https%3A%2F%2Fwww.winrebate.net%2F&dt=Squeeze%20page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1216&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HTRGYGHJZZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 05:16:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.winrebate.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
affiliate_badge_logo.png
d3syewzhvzylbl.cloudfront.net/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3syewzhvzylbl.cloudfront.net/images/affiliate_badge_logo.png
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
786da302e95e77c4d1d81bd9b5262029cca6156ab196d4315d3918eb9c79d7b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 14 Dec 2023 09:01:09 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
16402547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
10472
last-modified
Thu, 14 Dec 2023 08:47:35 GMT
server
AmazonS3
etag
"8ef4308d7726d4ff8621170e787130ed"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-cf-id
L0niwZOpSxDvTqnRhqNStgXbQ1Rrc0PtVro0F1FxSf-1jMh_fGawYw==
/
tr.lfeeder.com/ 		43 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.lfeeder.com/?sid=lAxoEaKExK17OYGd&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLUhUUkdZR0hKWloiXSwiZ2FDbGllbnRJZHMiOlsiMzM2NjUxMjM5LjE3MTg5NDcwMTYiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42My4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy53aW5yZWJhdGUubmV0LyIsInBhZ2VUaXRsZSI6IlNxdWVlemUgcGFnZSIsInJlZmVycmVyIjoiIn0sImV2ZW50IjoidHJhY2tpbmctZXZlbnQiLCJjbGllbnRFdmVudElkIjoiMDMxOTA4YmQ1ZWQzYzAyOCIsInNjcmlwdElkIjoibEF4b0VhS0V4SzE3T1lHZCIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOmZhbHNlLCJsZkNsaWVudElkIjoiTEYxLjEuZjgyNjkxZmVjMzg1ZmQ2ZC4xNzE4OTQ3MDE1OTk1IiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6InNwYSJ9
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-89.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 05:16:56 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
sgsHuCt0iCJ9fEma1y3LJXjzIQ2fPKWXo5BsKxtzna8JknaCOp3X0w==
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lofxqsrtc6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 05:16:56 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240621T051656Z-17d856f5577hgt9cnxmu7egatc00000003cg00000000ez27
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
949203f2-601e-0050-0434-c2ec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame D7F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2075433811351167&plah=www.winrebate.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.winrebate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
34743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 19:37:53 GMT
etag
9187630395144177108
expires
Thu, 04 Jul 2024 19:37:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=AffiliateBadgeUi-wzepun-0%20bjLeTS&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.winrebate.net
URL: https://www.winrebate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 05:16:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 6F6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2075433811351167&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718947016&plat=1%3A16777216%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x675_l&format=0x0&url=https%3A%2F%2Fwww.winrebate.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_15&aiixl=30_6~27_3&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1718947015481&bpp=5&bdt=250&idt=555&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7595978912234&frm=20&pv=2&ga_vid=336651239.1718947016&ga_sid=1718947016&ga_hid=1743722498&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084686%2C31084688%2C44795921%2C95334508%2C95334525%2C95334573%2C95335896%2C95331953%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3715517823188844&tmod=1065335595&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=593
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2075433811351167&plah=www.winrebate.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.winrebate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jun 2024 05:16:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=80D2A489175C4FF299BD304076EAA089&RedC=c.clarity.ms&MXFR=3525E7BD69B769412C22F3186DB767F2
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=80D2A489175C4FF299BD304076EAA089&MUID=2FE8360C048B65112E0822A9052764B7
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=80D2A489175C4FF299BD304076EAA089&MUID=2FE8360C048B65112E0822A9052764B7
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.winrebate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 05:16:56 GMT
last-modified
Wed, 19 Jun 2024 18:40:50 GMT
server
Microsoft-IIS/10.0
etag
"2c9f213578c2da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 21 Jun 2024 05:16:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5065487F646241B9A49F02C104B68D58 Ref B: FRA31EDGE0113 Ref C: 2024-06-21T05:16:56Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=80D2A489175C4FF299BD304076EAA089&MUID=2FE8360C048B65112E0822A9052764B7
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2075433811351167&plah=www.winrebate.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d671f56451a30d87b1992bfdd70254f9d1efe992c57c6708bcfb389b9fc45cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 05:16:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12530
x-xss-protection
0
favicon.ico
d2543nuuc0wvdg.cloudfront.net/ 		105 KB
106 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2543nuuc0wvdg.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3a00:a:625d:b500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a3f31746c28415015a70910ee9cfbe1c02badc387864d917d12da0027f18c11

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 03:19:59 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
last-modified
Fri, 21 May 2021 09:07:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
7018
etag
"f55949ec10d9a837c0602a861265edff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
accept-ranges
bytes
content-length
107684
x-amz-cf-id
GuSNuraXKEweg5ItHdQUk-TXyo4dwfWGzQ-0OGVt4mqhLYBmHGLN5w==
collect
t.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.winrebate.net
Date
Fri, 21 Jun 2024 05:16:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2075433811351167&plah=www.winrebate.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 05:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Jun 2024 05:16:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D1EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.winrebate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
43048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 17:19:28 GMT
expires
Fri, 20 Jun 2025 17:19:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
t.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.winrebate.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.winrebate.net
Date
Fri, 21 Jun 2024 05:16:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=3715517823188844&bg=!ICOlI2zNAAb64txl2uI7ADQBe5WfOLbVuZOcbkPbEBT1k5m2062_zOQ2gJVr8Zt_p8zVL4_az_K1LFOLDm0ij4DFnQZCAgAAAEVSAAAAA2gBB34ANlkM6GZWbAryzZ8LW17e_ohrAthvJqJ_BFbtCd9dmSZok4HNklfelzmNCbNlNvFRjq-UkCsOipkCzIq0OzG3WUsDM28pMw1T0WGTclRL_PfJv4ZffXcMGT5rxzD8Lh4be-EBkHCMMSfm5oH39PXCCGPMOpgrAZ5RW2Q4gvjnW_kHH0Zr3Lw7F5ynpZnppgj1Y6gMuWJNZoACcZGDzPzlcmTST24iRd06lF-5URxpqkQxbAeegqyxI1qzXf5ZL-3aBHC30gZ3qC02saEOf8fXlnJyfS_a6804k_-eKqnBFaGsGIqua0dEAsU5Sna89sjy9o4zGZbYpKfZoRgp5I5HfkRLnWl9cqnJu0tNi6WnsNNQ2NDfg0ldYwtmwkrovnhCTdiM4ynulL8zCCyTZFvrS3Qtb6w5HO0fTphfvC8GKAyjYLrzPVkZfaoB7UXoNRBoOvgGbKex0wSaB6VAJUPoYh-sVftnisKvihqw34N2YPoIZThOt52SbFz9hEHRxHeyVuV-tdllgLWykymH7NNyJ_XByIa8yu94oqaN-69a3ES3-V1qyXNWzJ5rhQEdBuNgIRK0Ojfg3sEoydW4VrfK_SwBk3REFzyQgQGIGmo34genPYCxPI7Do7LqENSveJgHSOEH0RGPrHPmXeiUNNr2BtegZ__jI4jCL1zswGGnwVmB3aONN7xGajno2MCJW2yiUxPZxXsxwci8CqXBqXwpHx7Z5QP9n0WCjinC75VN4RfhRDSueowEziI5CBHH11ayjN2wQheB41cy8wb_h2LODPWHL1K0lP8kOtQp5Z8itK1w-SVHAgz5QvjxmqSnrtJGNCGSqO0hxS-bazWY-P7tvjvwoCXzFe2mFPMo1Kx5I52BlAGSwPRDGg7mSGpAdrtS_AmDaKZedZcb_icr2tZ2qN8Pw46xYUzxqasBuLkmIqS4qyl24G3wxL-YLVlcj7W2GYiwPhmE3rpBUfulvK37NClXcKxHY-M8f8Zpi_EWWt2f4uPy1yejY1gzP1UjjZ-rQE6flCLQ

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage function| gtag object| dataLayer function| clarity function| ldfdr object| fs object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| initialI18nStore string| initialLanguage object| google_tag_manager string| google_user_agent_client_hint object| webpackChunkeditor object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| __gaConnectorEventsEmitted object| scCGSHMRCache object| regeneratorRuntime function| setImmediate function| clearImmediate function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

15 Cookies

Domain/Path Name / Value
www.winrebate.net/ Name: v
Value: 01J0WKKTG9S2R89DGEF33BQNAT
www.clarity.ms/ Name: CLID
Value: cd78bf678e92420cb6faad9466c0cee7.20240621.20250621
.winrebate.net/ Name: _ga_HTRGYGHJZZ
Value: GS1.1.1718947015.1.0.1718947015.0.0.0
.winrebate.net/ Name: _ga
Value: GA1.1.336651239.1718947016
.winrebate.net/ Name: _gcl_au
Value: 1.1.1800525051.1718947016
.winrebate.net/ Name: _lfa
Value: LF1.1.f82691fec385fd6d.1718947015995
.winrebate.net/ Name: _clck
Value: dr6fl%7C2%7Cfmt%7C0%7C1633
.bing.com/ Name: MUID
Value: 2FE8360C048B65112E0822A9052764B7
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2FE8360C048B65112E0822A9052764B7
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2FE8360C048B65112E0822A9052764B7
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.winrebate.net/ Name: _clsk
Value: mnwc2b%7C1718947016725%7C1%7C1%7Ct.clarity.ms%2Fcollect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
d1yei2z3i6k35z.cloudfront.net
d2543nuuc0wvdg.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
d6r6gym8ueyux.cloudfront.net
pagead2.googlesyndication.com
region1.google-analytics.com
sc.lfeeder.com
t.clarity.ms
tpc.googlesyndication.com
tr.lfeeder.com
winrebate.net
www.clarity.ms
www.googletagmanager.com
www.winrebate.net
pagead2.googlesyndication.com
142.250.186.34
18.66.112.89
20.114.189.70
2001:4860:4802:32::36
2600:9000:214f:400:f:a462:c1c0:93a1
2600:9000:2156:ac00:1c:9ca6:da40:93a1
2600:9000:223f:3c00:f:e793:dc40:21
2600:9000:223f:ea00:17:3a21:7e40:21
2600:9000:225e:3a00:a:625d:b500:21
2600:9000:2447:1200:4:d7e1:700:93a1
2600:9000:24f8:6a00:1c:9ca6:da40:93a1
2600:9000:275b:aa00:1c:d937:ae40:93a1
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2001
68.219.88.97
0fb9b3ac3159ef83777144df21568d5d06678a048e8b0d496f8933190564cdd0
1702fb44538de7f2c8a7fcfa906568c3beda0a8c76f15557849732e533e83ad7
17f4dc47bd0b697089254f32ccee750e80df75d36af69148da5971b1ad67c740
1eb7d73b06b8de243dd30492a22206945ad3b39cd4647a9001112b6fb5c1407d
2885da385665d89c812e8e8cab7ff8ac312a1f7285789ffe4d07bcd3fb6a287b
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b
438e4e3a15548add05e82f75db95d6e9f35ea7771f7455e90c4219f79a474663
476629f13c169dfa161f894d7ffc8c4888ff886366581a2561a9c14b02c318e1
56239df581596d9f59e4234d40d8063510a298dbaebb537b6e4500920b54b30e
599b31887e74913ca5be1c7b11eb4475fa6d6396ab8bb42f9ed0b3bf9931b17f
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
786da302e95e77c4d1d81bd9b5262029cca6156ab196d4315d3918eb9c79d7b6
7a3eeddfcfe0b422240c5be4167122b8765b62b03072cfd28968d36753c0cc57
7aed6f54323f6758f5f5f18a97fa498a2b1f0b445ceb8992b4f147a5d4b20bd1
7b1b12f5ee382b4d2e4591dffd617769adbc563acf5242e50ee9fafcf07d074a
7b3c043c43892cb2df7585581a78e1c37d98cc16709be24f33dd6e41c6b3fe36
90301ba1db8f344b7b08425faf99b2dba9a88d00f159810c6733272b841ed6e1
92a9819a6d0a0da2b9914b53ad0ceab286cc92bd95317a12ca8606fa060cc89f
951b3a250f71ad33c8847857e972debd8aee061a25d20d1af4422bb93538985a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3f31746c28415015a70910ee9cfbe1c02badc387864d917d12da0027f18c11
9f3d0fff7d008b617e85d5527746b2599de86778f0fd8f087980e76e33c9f7d4
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37d775bb347246729d437f266c2dfcd705a9171580f6149ab673b10a3500367
ba7df074bfcdead10cdaf747578e10e7aa570b7bca9b19441c384fbac8f48c87
c181b310dc70e034e1266ce1792809734653a42b988a39c3e36f2338b8a3e041
c94ae35c10dd79e1ab8ac59ba14a46fe9f7ee8688e715f101d137148c64d46d3
d671f56451a30d87b1992bfdd70254f9d1efe992c57c6708bcfb389b9fc45cd0
d9fd7235001a9d176ef61ec5e43379ac9c45c60ef7622cd08872f0e4e5551781
dc55b182ca91aed065da4cd2c3b301c6f264d3d4f5cb5d52651434a30b99fc3e
dff256bbd757d1dd6596fe5e77ed2aef56ab905f756fc7b60a5e79525e099ced
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f78d08777800632a24cdae2418f524ccbde48276bfc1052ddb8bed65c4cca12f